MrFk

followers

following

stars

MrFk's starred repositories

CVE-2022-22947_Rce_Exp

Spring Cloud Gateway 远程代码执行漏洞Exp Spring_Cloud_Gateway_RCE_Exp-CVE-2022-22947

Language:Python7500

RTASS

红蓝对抗量化评估系统（Red Team Assessment Scoring System）

Language:HTMLApache-2.019300

CVE-2022-0847-DirtyPipe-Exploit

A root exploit for CVE-2022-0847 (Dirty Pipe)

Language:CGPL-2.0109000

CVE-2022-25636

CVE-2022-25636

Language:C42600

SharpXDecrypt

Xshell全版本密码恢复工具

Language:C#MIT87200

SysWhispers2

AV/EDR evasion via direct system calls.

Language:AssemblyApache-2.09900

HackJava

《Java安全-只有Java安全才能拯救宇宙》Only Java Security Can Save The Universe.

KillDefender

A small POC to make defender useless by removing its token privileges and lowering the token integrity

Language:C++66600

CVE-2021-4034

CVE-2021-4034 Add Root User - Pkexec Local Privilege Escalation

Language:C9600

pingcastle

PingCastle - Get Active Directory Security at 80% in 20% of the time

Language:C#NOASSERTION233100

PwnKit

Self-contained exploit for CVE-2021-4034 - Pkexec Local Privilege Escalation

Language:CMIT107300

CVE-2021-44228-PoC-log4j-bypass-words

🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks

Language:Java93300

Stowaway

👻Stowaway -- Multi-hop Proxy Tool for pentesters

Language:GoMIT277100

netspy

netspy是一款快速探测内网可达网段工具（深信服深蓝实验室天威战队强力驱动）

Language:Go198900

noPac

Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user

Language:Python79500

log4j-scan

A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228

Language:PythonMIT340400

noPac

CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter.

Language:C#133500

InfoSec-Black-Friday

All the deals for InfoSec related software/tools this Black Friday

fastjson-check

fastjson 被动扫描、不出网payload生成

Apache-2.036900

CVE-2021-35215

SolarWinds Orion Platform ActionPluginBaseView 反序列化RCE

4700

Needle_Sift_BOF

Strstr with user-supplied needle and filename as a BOF.

Language:C3000

AIAssist

GameAssist是一个AI游戏助手，结合OpenCv、OpenCvSharp4、ssd_mobilenet_v3等技术，对游戏对象进行识别，支持自动瞄准/自动开枪等功能，提升玩家的游戏体验

Language:C#Apache-2.026700

ptunnel-ng

Tunnel TCP connections through ICMP.

Language:CBSD-3-Clause41100

AzureAD-Attack-Defense

This publication is a collection of various common attack scenarios on Microsoft Entra ID (formerly known as Azure Active Directory) and how they can be mitigated or detected.

Language:PowerShell213800

Vuln100Topics

知识星球《漏洞百出》最新 20条 Topic

BeaconEye

Hunts out CobaltStrike beacons and logs operator command output

Language:C#88200

RCE-0-day-for-GhostScript-9.50

RCE 0-day for GhostScript 9.50 - Payload generator

Language:Python54000

shiro_rce_tool

shiro 反序列命令执行辅助检测工具

gadgetinspector

利用链、漏洞检测工具

Language:JavaMIT36500

SocksOverRDP

Socks5/4/4a Proxy support for Remote Desktop Protocol / Terminal Services / Citrix / XenApp / XenDesktop

Language:C++MIT106700